Re-enable SameSite cookie iframe WPTs

These tests were temporarily disabled due to an incompatibility between Firefox and Chromium. Now that this has been resolved by a spec PR (httpwg/http-extensions#1428), the tests can be re-enabled. Additionally, one of the tests was adjusted to reflect the behavior for redirects specified in httpwg/http-extensions#1348, which is enabled as part of --enable-experimental-web-platform-features. Bug: 1074441 Change-Id: I7e1deadf0c080927cc328b54d300d5d418fa5c6d Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3054294 Reviewed-by: Steven Bingler <[email protected]> Commit-Queue: Lily Chen <[email protected]> Cr-Commit-Position: refs/heads/master@{#905421}
web-platform-tests · Jul 26, 2021 · 751505d · 751505d
1 parent 939731a
commit 751505d
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 2 deletions.
diff --git a/cookies/samesite/iframe-reload.https.html b/cookies/samesite/iframe-reload.https.html
@@ -7,6 +7,13 @@
 <!-- We're appending an <iframe> to the document's body, so execute tests after we have a body -->
 <body>
 <script>
+  // This test creates an iframe with postToParent.py on the specified origin,
+  // which sends a postMessage event with the cookies it received back to the
+  // parent (i.e., here). Upon receiving the message, the test verifies that the
+  // correct cookies were sent to the iframe, and posts a message back to the
+  // iframe telling it to reload itself. Upon reload, the iframe sends a
+  // postMessage event back to the test with the cookies it received, which are
+  // again verified.
   function create_test(origin, target, expectedStatus, expectedDomStatus, title) {
     promise_test(t => {
       var value = "" + Math.random();

diff --git a/cookies/samesite/iframe.https.html b/cookies/samesite/iframe.https.html
@@ -7,6 +7,10 @@
 <!-- We're appending an <iframe> to the document's body, so execute tests after we have a body -->
 <body>
 <script>
+  // This test creates an iframe with postToParent.py on the specified origin,
+  // which sends a postMessage event with the cookies it received back to the
+  // parent (i.e., here). Upon receiving the message, the test verifies that the
+  // correct cookies were sent to the iframe.
   function create_test(origin, target, expectedStatus, expectedDomStatus, title) {
     promise_test(t => {
       var value = "" + Math.random();
@@ -46,12 +50,12 @@
   // Redirect from {same-host,subdomain,cross-site} to same-host:
   create_test(SECURE_ORIGIN, redirectTo(SECURE_ORIGIN, SECURE_ORIGIN), SameSiteStatus.STRICT, DomSameSiteStatus.SAME_SITE, "Same-host redirecting to same-host fetches are strictly same-site");
   create_test(SECURE_ORIGIN, redirectTo(SECURE_SUBDOMAIN_ORIGIN, SECURE_ORIGIN), SameSiteStatus.STRICT, DomSameSiteStatus.SAME_SITE, "Subdomain redirecting to same-host fetches are strictly same-site");
-  create_test(SECURE_ORIGIN, redirectTo(SECURE_CROSS_SITE_ORIGIN, SECURE_ORIGIN), SameSiteStatus.STRICT, DomSameSiteStatus.SAME_SITE, "Cross-site redirecting to same-host fetches are strictly same-site");
+  create_test(SECURE_ORIGIN, redirectTo(SECURE_CROSS_SITE_ORIGIN, SECURE_ORIGIN), SameSiteStatus.CROSS_SITE, DomSameSiteStatus.SAME_SITE, "Cross-site redirecting to same-host fetches are cross-site");
 
   // Redirect from {same-host,subdomain,cross-site} to subdomain:
   create_test(SECURE_SUBDOMAIN_ORIGIN, redirectTo(SECURE_ORIGIN, SECURE_SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, DomSameSiteStatus.SAME_SITE, "Same-host redirecting to subdomain fetches are strictly same-site");
   create_test(SECURE_SUBDOMAIN_ORIGIN, redirectTo(SECURE_SUBDOMAIN_ORIGIN, SECURE_SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, DomSameSiteStatus.SAME_SITE, "Subdomain redirecting to subdomain fetches are strictly same-site");
-  create_test(SECURE_SUBDOMAIN_ORIGIN, redirectTo(SECURE_CROSS_SITE_ORIGIN, SECURE_SUBDOMAIN_ORIGIN), SameSiteStatus.STRICT, DomSameSiteStatus.SAME_SITE, "Cross-site redirecting to subdomain fetches are strictly same-site");
+  create_test(SECURE_SUBDOMAIN_ORIGIN, redirectTo(SECURE_CROSS_SITE_ORIGIN, SECURE_SUBDOMAIN_ORIGIN), SameSiteStatus.CROSS_SITE, DomSameSiteStatus.SAME_SITE, "Cross-site redirecting to subdomain fetches are cross-site");
 
   // Redirect from {same-host,subdomain,cross-site} to cross-site:
   create_test(SECURE_CROSS_SITE_ORIGIN, redirectTo(SECURE_ORIGIN, SECURE_CROSS_SITE_ORIGIN), SameSiteStatus.CROSS_SITE, DomSameSiteStatus.CROSS_SITE, "Same-host redirecting to cross-site fetches are cross-site");